In load_checks(), add return check for malloc() to avoid NULL reference.
Signed-off-by: Jie Lu <lujie54@huawei.com>
Acked-by: James Carter <jwcart2@gmail.com>
Use string literal as format string so that compilers can validate the
count and types of the inherent arguments.
sestatus.c: In function ‘printf_tab’:
sestatus.c:175:16: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
175 | printf(buf, outp);
| ^~~
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
In case lstat(3) fails the memory is not free'd at the end of the for
loop, due to the control flow change by continue.
Found by scan-build.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
It is quite useful even to non-privileged users and doesn't require any
privileges to work, except for maybe -v.
Some tools hard code the old path, so a compatibility symlink is also
created.
Signed-off-by: Jonathan Hettwer <j2468h@gmail.com>
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
clang's static analyzer reports a potential memory leak because the
buffers allocated in pc and fc are not freed in main(), in sestatus.c.
Free these buffers properly.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
"sestatus -v" uses /proc/$PID/exe symbolic link in order to find the
context of processes present in /etc/sestatus.conf. For example, this
file includes "/usr/sbin/sshd".
On Arch Linux, /bin, /sbin and /usr/sbin are symbolic links to /usr/bin,
so sshd process is seen as "/usr/bin/sshd" instead of "/usr/sbin/sshd".
This causes "sestatus -v" to show nothing in "Process contexts:" for
sshd, agetty, etc.
Use realpath() to resolve any symlink components in program paths
defined in /etc/sestatus.conf. This makes "sestatus -v" show the
expected result:
Process contexts:
Current context: sysadm_u:sysadm_r:sysadm_t
Init context: system_u:system_r:init_t
/sbin/agetty system_u:system_r:getty_t
/usr/sbin/sshd system_u:system_r:sshd_t
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
There were several places in the makefiles where LDLIBS or CFLAGS were
supposed to include options to build. They were missing the override
keyword so would be skipped if these vars were set on the make cmdline.
Add the override directive to fix this.
Signed-off-by: Jason Zaman <jason@perfinion.com>
The toolchain automatically handles them and they break cross compiling.
LDFLAGS should also come before object files, some flags (eg,
-Wl,as-needed) can break things if they are in the wrong place)
Gentoo-Bug: https://bugs.gentoo.org/500674
Signed-off-by: Jason Zaman <jason@perfinion.com>
The code did:
len = strlen(string);
new_string = malloc(len);
strncpy(new_string, string, len - 1)
Which is perfectly legal, but it pissed off coverity because 99/100
times if you do new_string = malloc(strlen(string)) you are doing it
wrong (you didn't leave room for the nul). I rewrote that area to just
use strdup and then to blank out the last character with a nul. It's
clear what's going on and nothing looks 'tricky'. It does cost us 1
byte of heap allocation. I think we can live with that to have safer
looking string handling code.
Signed-off-by: Eric Paris <eparis@redhat.com>
sestatus has been modified to present additional information: SELinux root
directory, MLS flag and the deny_unknow flag. The man page has been updated
to reflect these changes and an sestatus.conf(5) man page has also been added.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
This is purely personal preference. Most of the Makefiles use $() for
Makefile variables, but a couple of places use ${}. Since this obscured
some later Makefile changes I figured I'd just make them all the same up
front.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
